Apple releases iOS 4.3.3 with fixes for location database controversy

Apple on Wednesday released iOS 4.3.3 for the iPhone, iPod touch and iPad, addressing issues related to location data stored in a database file on devices running iOS 4.

Apple quickly released the update in response to growing concerns over the "consolidated.db" file that gained attention in recent weeks. The issue gained so much attention, in fact, that Apple was forced to issue a statement on the matter a week ago.

Apple said the iOS 4.3.3 update contains changes to the iOS crowd-sourced location database cache including:
Reduces the size of the cache
No longer backs up the cache to iTunes
Deletes the cache entirely when Location Servcies is turned off.
The iOS 4.3.3 update is available now through iTunes. It applies to the GSM-based iPhone 4, iPhone 3GS, iPad 2, iPad, and third- and fourth-generation iPod touch. Also availble is iOS 4.2.8 for the CDMA iPhone 4.

Apple promised last week that the location database issues would be addressed in a software update in a matter of weeks. But the company acted quickly to release the iOS update, making it available just a week after the company publicly spoke out on the matter.

The update aims to calm growing concern over a bug in iOS 4 that stored a database of up to a year's worth of Wi-Fi hotspot and cell tower locations. Apple said they don't think the iPhone needs to store more than seven days worth of such data.

The company admitted that the data should not be collected when users turn off Location Services on their iPhone, and the fact that it was being stored was a bug. Apple also promised that its next "major" iOS software release would encrypt the file on the iPhone, ensuring that the data could not be obtained by a third party for illicit purposes.

Before Apple spoke out on the issue, it prompted lawsuits, government investigations around the world, and a scheduled hearing on mobile privacy in the U.S. Senate, set to involve both Apple and Google on May 10.

The issue gained attention after two security researchers publicized their findings related to the "consolidated.db" file stored on the iPhone. Though the file created by iOS 4 is not sent to Apple or anyone else.

Oh how the media likes to blow things out of proportion. To be honest I had no care about this tracking location crowd sourcing thing, didn't bother me at all.

Same here. The media are really, really getting out of hand in this country (US). Next we'll have a week-long expose on how the iPhone allows the person you're calling to hear an actual digitized version of your own private voice, which might allow them to steal your soul!

What makes me doubly-sad is that A) the media makes money scaring people over nothing, and B) such a ridiculously large percentage of the population laps it up and runs in circles waving their hands in the air (judging from the idiotic comments I read on Facebook and news sites, anyway).

Journalism is publishing what someone doesn't want us to know; the rest is propaganda.-Horacio Verbitsky (el perro), journalist (b. 1942)

The irony of course was that all this attention was in a period of weeks where:

1) Sony's networks were miserably hacked, and it was revealed they were saving private data (not financial though) in plain text.
2) Sony's networks were hacked again, and it was revealed that they were saving data for accounts created before 2007 (not sure about the exact year/date) in plain text, and that those credit card details were stolen.
3) TomTom was revealed to have sold location data to the Dutch government, which in turn used it to issue speeding tickets to people.
4) Google's Android saved the same data, but moreover, it was revealed a Google VP said that this was extremely valuable data that needed to be collected in emails a year ago.

etc...

And the one the biggest ruckus was created was about a bug that stored a LOCAL file on your own computer, and wouldn't even reveal location very accurately.

Off topic, but why is it that the Verizon iPhone 4 is still stuck on 4.2.X? The CDMA firmware info is obviously in 4.3.X, since the Verizon iPad 2 has 4.3.X, but the phones do not for whatever reason. That just bugs me. I would like to have the faster Javascript engine in Safari as well as the enhanced AirPlay features, but I guess I'll just have to wait until iOS 5 (hopefully).

It is a little funny that people are all excited about this "problem". Tracking on phones is the least of our worries. The government has satellites that can count the number of hairs on our heads and they are worried about phones?

That's why it's so slow? And here I thought it was 4-year-old hardware trying to run software that it was never designed for. Silly me.

4.2.1 was the last legitimate update for the 3G and was partially created to alleviate the damage apple had done to the 3G experience with their previous iOS version. It's still very slow and that's no-one's fault but Apple's.

Many of the most important software concepts were invented in the 70s and forgotten in the 80s.

I was under the impression that TomTom had sold aggregate speeding data to the government and the government used it to position speed cameras.

As long as individuals were not named I don't see a human rights or privacy issue and if it helps catch speeding drivers at a later date then it's doing more good for the taxpayers euros.

Not so fast...

TomTom itself, let alone their customers, wasn't even aware the data would be used this way.

The aggregate use excuse may not exactly apply here. Essentially data was being collected that indicated exactly where the law was being broken and then sold to the government who in turn placed cameras at those spots to nail drivers. So if you drove to and from work every day on the same highway and went over the speed limit say while going downhill/merging at a particular spot, that might show up in the database numerous times, and you might have a camera installed solely because of your data.

In other words, you may have purchased a device that gave the company data about you which was sold to the government telling them where to set up a camera to observe you breaking the law.

Now, it's easy to get distracted with the thought that the answer is "well, don't break the law", but the problem here is that we (at least most in the US) want to live in a society with reasonable enforcement of the laws and not law enforcement as an automated for-profit system where 24/7 any infraction however minor, victimless, or insignificant results in a penalty steep enough to generate a profit for the corporations involved.

4.2.1 was the last legitimate update for the 3G and was partially created to alleviate the damage apple had done to the 3G experience with their previous iOS version. It's still very slow and that's no-one's fault but Apple's.

The irony of course was that all this attention was in a period of weeks where:

1) Sony's networks were miserably hacked, and it was revealed they were saving private data (not financial though) in plain text.
2) Sony's networks were hacked again, and it was revealed that they were saving data for accounts created before 2007 (not sure about the exact year/date) in plain text, and that those credit card details were stolen.
3) TomTom was revealed to have sold location data to the Dutch government, which in turn used it to issue speeding tickets to people.
4) Google's Android saved the same data, but moreover, it was revealed a Google VP said that this was extremely valuable data that needed to be collected in emails a year ago.

etc...

And the one the biggest ruckus was created was about a bug that stored a LOCAL file on your own computer, and wouldn't even reveal location very accurately.

You have to expect news about Apple to always get the most attention. They are the company that the largest number of people care about. Apple gets way more attention than anybody else when they release a new product. But you have to take the good with the bad. They are also going to get a lot more attention when something goes wrong. Even if it might not be that big of a deal.

The issue gained attention after two security researchers publicized their findings related to the "consolidated.db" file stored on the iPhone. Though the file created by iOS 4 is not sent to Apple or anyone else.

Yes, the file itself is not sent but the crowdsourced information is. "These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple." (Apple press release)

I noticed that in my house my iPad 2 now no longer locates my position. Since the past few days. Looks like Apple itself culled a lot of info on it's location services on its server side as well in response to this fluffed up "fiasco".

JAILBREAKERS SAVE YOUR SHSHs for 4.3.2 before Apple stops signing it. TinyUmbrella is best for now to save your SHSHs locally so there is no (well, reduced) issues in the future.

Bah never mind. Recently it's been impossibly hard to restore any firmware other than the latest one. Apple won't even allow a legit restore of a non-jailbreak 4.3.2 on top of a non-jailbreak 4.3.2 install. Phone is bricked until I go back home and do the 600mb dance to get 4.3.3. Downloading the update is trivial for some, but here in the 3rd world it may take a few hours.

My iPhone4 Home button recently started getting flaky. Gonna jailbreak and use Activator so I don't have to touch that annoying button! In the meantime I have to wait 1 month or more for a replacement (if given), see my other thread.

4.2.1 was the last legitimate update for the 3G and was partially created to alleviate the damage apple had done to the 3G experience with their previous iOS version. It's still very slow and that's no-one's fault but Apple's.

Sorry mate - but it aint that slow. Its usable. What is scandalous though is the removal of tethering, that bugs me more than the location issue. Time to jailbreak I guess....

Collecting and calculating wifi/tower location data and storing it to a file on the phone most likely consumes a tiny fraction of the processing capacity of the phone. Is the iPhone 3G still slow when sitting in one spot, with this service idle? Yes. This crowd-sourcing utility has little to do with the performance of iOS on this ancient device.

Maybe it has something to do with the fact that the iPhone 3G is THREE YEARS OLD!

Operating system upgrades always include new functionality that require additional processing power, memory, and storage. Seldom do things shrink from a system resources footprint standpoint. To expect to be able to upgrade the operating system (on a computer or a phone) in perpetuity without upgrading the actual hardware is ludicrous.

To those who are upset over "progress" making your phones slow, then downgrade to an earlier iOS or buy new hardware...